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DETAILED ACTION 



Response to Amendment 

1 . This Office Action is responsive to Applicants amendment and request for 
reconsideration of application 09/800,641 (March 7, 2001) filed on March 17, 2005. 

The amendment contains amended claims 1, 7 and 8. 

The amendment contains amended abstract. 



Claim Rejections - 35 USC § 102 

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
States. 

Claims 1- 8 are rejected under 35 U.S.C. 102(b) as being anticipated by 
Sandberg-Diment (US PAT 5,826,245). 

Re claim 1, 7 and 8: Sandberg-Diment teaches a system and method 
comprising: A automated trust negotiations between first and second parties connected 
over a network (see Fig 2), comprising the steps of: providing each party with a set of 
credentials, wherein a credential (i.e. customer name, portion of a credit card number, 
see column 2, lines 31-35 and column 3, lines 16-18) provides an authorization of a 
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property of its respective party, classifying one or more credentials (classifying 
credentials is interpreted as customers name, address, tags and purchase order, see 
column 3 lines 17-20) in the set of credentials for said first party as sensitive (i.e. 
confidential, see column 1, lines 60-65), such that they can only be disclosed to another 
party subject to certain predetermined criteria (see column 1, lines 36-42)., establishing 
negotiations over the network between said first and second parties in order to complete 
a desired transaction, wherein said transaction is only authorized to proceed if at least 
one of the parties receives certain predetermined credentials (i.e. a randomly generated 
tag, see column 1 , lines 62-67) from the other party; and transmitting at least one of the 
one or more sensitive credentials from the first party to the second party as part of said 
negotiations (portions of a credit card number and/or a tag generated by a computer 
see column 2, lines 49-55), subject to the first party previously receiving from the 
second party one or more credentials that satisfy said certain predetermined criteria (i.e. 
sending the credit card information from the initiating party to the verifying party, see 
lines 40-48); wherein said first and second parties are a server (i.e. verifying party) and 
a client (i.e. initiating party) respectively, wherein said server is to perform the desired 
transaction in response to a request from the client (i.e. the initiating party, see column 
1 , lines 37-40); wherein the server specifies a set of credentials (i.e. the credit card 
number, see column 2, lines 32-33) that it must receive from a client in order to set up 
or perform the transaction (see column 2, lines 40-45); wherein both the client and the 
server have one or more credentials in their respective sets of credentials which are 
classified as sensitive, such that they can only be disclosed to another party subject to 
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certain predetermined criteria; wherein the negotiations over the network between the 
client and the server in order to complete a desired transaction include transmitting at 
least one of the one or more sensitive credentials from the client to the server as part of 
said negotiations subject to the client previously receiving from the server one or more 
credentials that satisfy said certain predetermined criteria for the client (see column 3, 
lines 8-22); wherein at least one party adopts an eager strategy, according to which all 
sensitive credentials are transmitted to the other party subject only to receipt of certain 
predetermined credentials from the other party (see column 2, lines 49-59), irrespective 
of whether or not transmission of such sensitive credentials is necessary in order to 
complete said transaction; and wherein at least one party adopts a parsimonious 
strategy, according to which only selected sensitive credentials are transmitted to the 
other party from the set of sensitive credentials that could be transmitted after receipt of 
certain predetermined credentials from the other party, said selection being performed 
on the basis of transmitting only those sensitive credentials that are specifically 
necessary in order to complete said transaction (see column 3, lines 43-54). 
A Computer program would have been inherent to perform the method shown by 
Sandberg-Diment as stated supra. And per modified claim 7, a computer program 
product stored on a computer readable storage medium to be run on a computer 
system to carry out the method shown by Sandberg-Diment would have been inherent. 
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Re Claim 2: The method, wherein said first and second parties are a client and a 
server respectively, wherein said server is to perform the desired transaction in 
response to a request from the client (see Fig 1 and 2). 

Re Claim 3: The method, wherein in order to set up or perform the transaction, 
the client is required to supply at least one of the one or more sensitive credentials to 
the server (see column 1 , lines 37-42). 

Re Claim 4: The method, wherein said parsimonious strategy involves the 
exchange of credential requests to establish a point of confidence prior to transmission 
of credentials themselves (see column 2, lines 1-20). 

Re Claim 5: The method, wherein at least one party initially adopts an eager 
strategy, according to which all sensitive credentials are transmitted to the other party 
subject only to receipt of certain predetermined credentials from the other party (see 
column 2, lines 1-3), irrespective of whether or not transmission of such sensitive 
credentials is necessary in order to complete said transaction, and then at a later stage 
of said negotiations subsequently adopts a parsimonious strategy, according to which 
only selected sensitive credentials (i.e. tag) are transmitted to the other party from the 
set of sensitive credentials that could be transmitted after receipt of certain 
predetermined credentials from the other party, said selection being performed on the 
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basis of transmitting only those sensitive credentials that are specifically necessary in 
order to complete said transaction (see column 3, lines 10-15 and 23-27). 

Re Claim 6: The method, wherein said server defines a service governing policy 
that specifies certain roles, such that said client can only set up or perform the 
transaction if it has sufficient credentials to allow it to assume one of said certain roles 
(i.e. the initiating party has to have a credit card number in order to perform the 
transaction, see column 1, lines 7-12). 

Response to Arguments 

Applicant's arguments filed regarding 35 USC § 102 have been fully considered 
but they are not persuasive. The art cited in Sandberg-Diment teaches the claims as 
filed by the Applicant. In the Applicant's remarks, reference is made to a "credential 
access policy" (page 10, line 29) as a distinguishing point between the Applicant's 
claims and the art disclosed by Sandberg-Diment. However, the examiner notes that 
the claims as cited in the current application are taught by Sandberg-Diment in terms of 
providing a network to exchange sensitive information in whole or in part. While the 
Applicant discusses "trust negotiation" (page 10, line 37), the claim language as 
presented does not disclose art which is distinct from the art as disclosed by Sandberg- 
Diment. 

Regarding the use of an "eager" strategy and a "parsimonious" strategy as being 
used in the verification process, the examiner notes that Sandberg-Diment discloses 
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both types of transactions. The "eager" strategy involving providing all information, 
whether required or not, at one time is disclosed as cited in the Office Action and further 
as background in column 1 , lines 5 - 30. The traditional means for receiving verification 
is to send all information upon initiating a transaction, as disclosed in the Background 
section of the Sandberg-Diment patent. From there, Sandberg-Diment discloses a 
system using the "parsimonious" strategy such that information is sent for verification to 
a verifying body in segments, such that all of the information is not being disclosed at 
one time. The initial Office Action pointed to column 2, lines 49 - 59 as illustrating each 
method. In the first portion, the consumer is entering the whole of the information such 
as credit card number, expiration date, and the purchase order. If this information were 
to be sent out in that form, as disclosed in the Background, the method would be of the 
"eager" nature.. However, the remainder of that passage discloses that the information 
is then split up and grouped for delayed transmittal to a verifying body. 

The Applicant's claim 1 claim language and Applicant's remarks on page 11 in 
the last paragraph, the claim language as provided by the Applicant does not indicate 
that all of the sensitive information must be shared amongst two parties. The language 
calls for "at least one" of the sensitive pieces to be shared. Sandberg-Diment clearly 
discloses wherein at least one piece of sensitive information is being shared as cited in 
the previous and current Office Application and referenced in the Applicant's remarks on 
page 1 1 . 

Regarding the teaching of a "parsimonious" strategy, Sandberg-Diment discloses 
a system using the "parsimonious" strategy such that information is sent for verification 
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to a verifying body in segments, such that all of the information is not being disclosed at 
one time. As per the Applicant's response to column 3, lines 34 through 54, the 
information contained therein discloses sending information in pieces, separating 
sensitive information such that it is not communicated in one transmittal. That, in 
conjunction with the other discussion as presented in this Response to Arguments, 
points to the disclosure of a "parsimonious" strategy being disclosed by Sandberg- 
Diment. 

THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the mailing date of this final action. 

Conclusion 

Any inquiry concerning this communication should be directed to Jennifer 
Liversedge whose telephone number is 571-272-3167. The examiner can normally be 
reached on Monday - Friday, 8:30 - 5 PM. 
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If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Sam Sough can be reached at 571-272-6799. The fax number for the 
organization where the application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov . Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 

Jennifer Liversedge 

Examiner 

Art Unit 3628 
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